Nuclei flaw allows signature bypass and code execution

A vulnerability in Nuclei, an open-source vulnerability scanner, could allow attackers to bypass signature checks and execute malicious code. A high-severity security flaw, tracked as CVE-2024-43405 (CVSS score of 7.4), in the open-source vulnerability scanner ProjectDiscovery’s Nuclei, could allow attackers to bypass signature checks and execute malicious code. The Wiz’s engineering team discovered the vulnerability. The vulnerability […]

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

securityaffairs.co - 20/Jan 15:20

TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices...

Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack Any User Account

itsecuritynews.info - 15/Jan 14:32

A newly disclosed critical vulnerability in Cal.com, an open-source scheduling and booking platform, could allow attackers to bypass authentication...

Palo Alto Networks Firewall Vulnerability Allows Attackers To Trigger Denial Of Service

itsecuritynews.info - 15/Jan 14:33

Palo Alto Networks has released security updates to address a high‑severity denial-of-service (DoS) vulnerability in PAN-OS that could allow...

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Critical sandbox escape flaw found in popular vm2 NodeJS library

bleepingcomputer.com - 27/Jan 16:35

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary...

Critical sandbox escape flaw found in popular vm2 NodeJS library

bleepingcomputer.com - 27/Jan 16:35

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary...

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

itsecuritynews.info - 26/Jan 10:09

A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or...

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

itsecuritynews.info - 26/Jan 10:09

A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or...

Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)

securityaffairs.co - 15:53

Fortinet released fixes for a critical FortiOS SSO auth bypass (CVE-2026-24858) actively exploited, impacting FortiOS, FortiManager, and...

Rubriques :

Nuclei flaw allows signature bypass and code execution

Articles similaires

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack Any User Account

Palo Alto Networks Firewall Vulnerability Allows Attackers To Trigger Denial Of Service

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

Critical sandbox escape flaw found in popular vm2 NodeJS library

Critical sandbox escape flaw found in popular vm2 NodeJS library

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption

Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)

Les derniers communiqués